brianpanskyfandomcom-20200213-history
Learning Django Forms
Apparently Django has it's own code ("API") for doing internet forms and submitting data to websites. Here I'll learn how to use it. I'll go through a tutorial or two, link to documentation, and try to explain things in my own words (especially when the explanations I link to are not quite clear enough). Form processing is complex: * it involves "interacting with many layers of an application" * all data submitted to the server comes in a string format, so we have to transform it into a proper data type (integer, float, date, etc.) before doing anything with it * "we have to validate the data regarding the business logic of the application" * we have to clean, sanitize the data properly so to avoid security issues such as SQL Injection and XSS attacks "Good news is that the Django Forms API makes the whole process a lot easier, automating a good chunk of this work. Also, the final result is a much more secure code than most programmers would be able to implement by themselves. So, no matter how simple the HTML form is, always use the forms API." ... "The Django Forms API does much more than processing and validating the data. It also generates the HTML for us." Mozilla Tutorial https://developer.mozilla.org/en-US/docs/Learn/Server-side/Django/Forms link to the relevant tutorial The Mozilla tutorial seems to be (in a previous part of the Mozilla Tutorial) using the latest good version of Django, 2.1, the same version I have. Good. And in the ModelForm section, it does explain certain things I had questions about! Nice. This is a better tutorial than the other one. Ok, so the forms tutorial goes through a lot of stuff and does things a certain way. I want to cut to the chase to find the answers to my own questions: * just, how do you make a form appear on a page? How difficult can it be? Of course, tutorial goes through all the rigamarole of urls.py, views.py and everything. But are those really different for forms than for other pages? Does the form just need to be put in the template html? _________________________________________________________________ Time for a summary of what is basically done in each python file, and each html file. Below is a list of all the files mentioned, after the list I'll make an informative version of the same list: * myapp/forms.py scroll up to paragraph above [https://developer.mozilla.org/en-US/docs/Learn/Server-side/Django/Forms#URL_Configuration this link] * myapp/urls.py ... * myapp/views.py scroll above the code above [https://developer.mozilla.org/en-US/docs/Learn/Server-side/Django/Forms#The_template this link] that whole section is about the "views", starts [https://developer.mozilla.org/en-US/docs/Learn/Server-side/Django/Forms#The_template#View way up here] * Templates: ** ""book_renew_librarian.html"" ** ""author_form.html"" ** ""author_confirm_delete.html"" __FORCETOC__ _________________________________________________________________ Too much! Ok, what do we do with each of these: * forms.py ** Obviously important. It's forms.py! Defines class for each form, makes sure data is clean and fits specifications. * urls.py ** Not much of note here. Standard. But "pk" helps if you need a form to edit or update data, not just add new data. * views.py ** Since the page has to show different stuff depending on situation (ex: invalid data) views needs to do some checking: *** show default unfilled form if it hasn't been submitted yet. (a "POST" request only occurs when you press "submit", so that's what the code checks for) *** if the form is submitted, this checks if the data is valid right here (by calling function from forms.py, also apparently calls a built in django function: ".is_valid()", see documentation here) ** pass a "dictionary" to the template specifying which form should be displayed, and (if data is to be modified, not just uploaded) what object is to be modified ** Then, of course, just displays the correct "template"/html. * Templates: ** ""book_renew_librarian.html"" *** has "form.as_table" jinja in some html form tags. So how does it know which form? Answer: the template variable, which we passed to the template in the context dictionary. (from views.py) *** there's some other stuff here, like the security token, and how to do the html. ** ""author_form.html"" *** same type of stuff as the previous html for book renewal.